32 matches found
EUVD-2006-2675
Malware in sbrugna...
EUVD-2006-2676
Malware in sbrugna...
EUVD-2007-3791
Malware in sbrugna...
SiteScape Forum 'dispatch.cgi' Tcl Command Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26963/info SiteScape Forum is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary commands in the context of the...
SiteScape Enterprise Forum 7 TCL Injection
No description provided by source. !/usr/bin/env python -- coding: utf-8 -- sitescapesploit.py Copyright 2010 Spencer McIntyre [email protected] This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free...
SiteScape Enterprise Forum 7 TCL Injection
Exploit for cgi platform in category web applications !/usr/bin/env python """ -- coding: utf-8 -- sitescapesploit.py Copyright 2010 Spencer McIntyre This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free...
SiteScape Enterprise Forum 7 - TCL Injection
SiteScape Enterprise Forum 7 - TCL Injection !/usr/bin/env python """ -- coding: utf-8 -- sitescapesploit.py Copyright 2010 Spencer McIntyre This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software...
SiteScape Enterprise Forum 7 - TCL Injection
!/usr/bin/env python """ -- coding: utf-8 -- sitescapesploit.py Copyright 2010 Spencer McIntyre This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, ...
SiteScape Forum dispatch.cgi脚本TCL命令注入漏洞
BUGTRAQ ID: 26963 SiteScape Forum是一款协作解决方案,专用于满足企业、政府和军队中大型和/或分布式团队的通信和程序管理需要。 SiteScape Forum没有正确地处理发送给dispatcher.cgi脚本的某些请求,允许远程攻击者通过提交恶意HTTP请求注入并执行TCL命令。 SiteScape Forum ZX SiteScape Forum ST SiteScape --------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
SiteScape Forum 'dispatch.cgi' Tcl命令注入漏洞
BUGTRAQ ID: 26963 CNCAN ID:CNCAN-2007122406 SiteScape Forum是一款基于CGI的WEB应用程序。 SiteScape Forum不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是由于'dispatch.cgi'脚本对用户提交的WEB参数处理缺少充分过滤,提交包含';'元字符作为参数数据,可导致以WEB权限执行TCL代码。 SiteScape Forum ZX SiteScape Forum ST 升级到最新版本:...
Code injection
support/dispatch.cgi in SiteScape Forum allows remote attackers to execute arbitrary TCL code via code separator characters in the query string...
CVE-2007-6515
support/dispatch.cgi in SiteScape Forum allows remote attackers to execute arbitrary TCL code via code separator characters in the query string...
CVE-2007-6515
support/dispatch.cgi in SiteScape Forum allows remote attackers to execute arbitrary TCL code via code separator characters in the query string...
CVE-2007-6515
support/dispatch.cgi in SiteScape Forum allows remote attackers to execute arbitrary TCL code via code separator characters in the query string...
CVE-2007-6515
CVE-2007-6515 : TCL injection in SiteScape Forum via support/dispatch.cgi where attacker-supplied code separator characters in the query string enable remote arbitrary TCL code execution. Connected sources document this as a TCL injection issue affecting SiteScape Forum/Enterprise Forum 7.x, with...
SiteScape Forum TCL injection
Hi, I have following advisory for you. [email protected] SiteScape Forum TCL injection ================================ discovered by [email protected] PRODUCT: SiteScape Forum EXPOSURE: TCL injection SYNOPSIS ======== By URL modification it is possible to insert TCL code into aplication. Accou...
SiteScape Forum - dispatch.cgi Tcl Command Injection
SiteScape Forum - dispatch.cgi Tcl Command Injection source: https://www.securityfocus.com/bid/26963/info SiteScape Forum is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary commands in th...
SiteScape Forum - 'dispatch.cgi' Tcl Command Injection
source: https://www.securityfocus.com/bid/26963/info SiteScape Forum is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary commands in the context of the webserver process. Successful exploi...
CVE-2007-3807
Multiple cross-site scripting XSS vulnerabilities in SiteScape Forum before 7.3 allow remote attackers to inject arbitrary web script or HTML via the user name field in the login procedure, and other unspecified vectors...
CVE-2007-3807
Multiple cross-site scripting XSS vulnerabilities in SiteScape Forum before 7.3 allow remote attackers to inject arbitrary web script or HTML via the user name field in the login procedure, and other unspecified vectors...